Main job responsibilities:
• Penetration Testing and Red Teaming – conduct penetration tests and IT security audits for mid and large scale client environments (Production, IoT, Government sector, Banking sector companies).
Perform Black box, Gray box, White box penetration tests for IT infrastructure, Networks, Cloud services, Web Applications and API, using popular testing methodologies like: (OWASP, OSTTM, PTES, ASVS).
Prepare comprehensive reports for client about detected vulnerabilities and remediation steps.
• Penetration testing and security auditing engagement planning and scaling to match client needs and requirements, full engagement live cycle planning and management including project leadership.
• Cyber team leadership and mentoring, daily cyber team management and workloads planning, help team members with mentorship and knowledge exchange.
• Cybersecurity engagement marketing and sales activities, preparation of Cybersecurity marketing materials and engagement proposals for IT auditing and Penetration testing services, including preparation of public tender documentations.
• Incident response activities, malware research and investigation for mid-size companies. Participated in incident response process after malware attacks, malware investigation attack mitigation and investigation.
• IAM and Business role modeling implementation (entry level experience), IAM framework implementation for Financial services company. Participated in IAM framework implementation projects for Financial services company, to analyze existing business role model, plan and implement new Business role models.
Experience with red teaming tools like: Kali linux, Burpsuite Pro,Zap Web Attack Proxy, Nessus, Nmap,Wireshark, Hashcat, Metasploit, SqlMap, Infection Monkey, 1N3/Sn1per: Attack Surface Management Platform, mimikatz.
• Enterprise IT solutions implementations and management (Windows Servers and Domain services, on demand and inside cloud environments.